Lucene search
+L

8003 matches found

Zero Science Lab
Zero Science Lab
added 2010/09/08 12:0 a.m.23 views

Textpattern 4.2.0 (txplib_db) Null Termination Cross-Site Scripting Vulnerability

Summary Textpattern is an open source content management system unlike any other; it allows you to easily create, edit and publish content and make it beautiful in a professional, standards-compliant manner. Description Textpattern CMS version 4.2.0 suffers from a XSS vulnerability. Input passed...

6.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/09/07 12:0 a.m.43 views

Integard Home and Pro 2 - Remote HTTP Buffer Overflow

class Metasploit3 'Integard Home/Pro version 2.0', 'Description' = %q Exploit for Integard HTTP Server, vulnerability discovered by Lincoln , 'Author' = 'Lincoln', 'Nullthreat', 'rick2600', 'corelanc0d3r' , 'License' = MSFLICENSE, 'Version' = '$Revision: $', 'References' =...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/09/02 12:0 a.m.57 views

Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll)

OVERVIEW The Moovida Media Player application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, Unsafe Library Loading, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2010/08/30 12:0 a.m.54 views

Maxthon Browser version 2.5.15.1000 Insecure DLL Hijacking Vulnerability (dwmapi.dll)

OVERVIEW The Maxthon Browser application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION Maxthon Browser is a...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2010/08/30 12:0 a.m.57 views

QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)

OVERVIEW The QtWeb Browser application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION QtWeb Browser is a...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/18 12:0 a.m.25 views

Linkbucks.com Cross Site Scripting / URL Redirection

============================================================================== Linkbucks.com XSS & URL Redirection Vulnerabilities ============================================================================== 1. OVERVIEW A famous link-based advertising network, linkbucks.com, is currently...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/30 12:0 a.m.45 views

Mandriva Linux Security Advisory : kdelibs4 (MDVSA-2010:027)

Multiple vulnerabilities was discovered and corrected in kdelibs4 : KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '' NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...

9.3CVSS7.9AI score0.28167EPSS
Exploits57References8
Metasploit
Metasploit
added 2010/07/27 2:25 a.m.17 views

EasyFTP Server MKD Command Stack Buffer Overflow

This module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11 and earlier. EasyFTP fails to check input size when parsing 'MKD' commands, which leads to a stack based buffer overflow. NOTE: EasyFTP allows anonymous access by default. However, in order to access the 'MKD' command,...

7.5AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/27 12:0 a.m.20 views

EasyFTP Server <= 1.7.0.11 MKD Command Stack Buffer Overflow

$Id: easyftpmkdfixret.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.7AI score
Exploits0
Mozilla
Mozilla
added 2010/07/20 12:0 a.m.47 views

nsTreeSelection dangling pointer remote code execution vulnerability — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an integer overflow vulnerability in the implementation of the XUL element's selection attribute. When the size of a new selection is sufficiently large the integer used in calculating the length of the selection can...

9.3CVSS3.5AI score0.06672EPSS
Exploits1References2Affected Software3
Exploit DB
Exploit DB
added 2010/07/12 12:0 a.m.45 views

Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (MS09-072) (Metasploit)

$Id: ms09072styleobject.rb 9787 2010-07-12 02:51:50Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS7AI score0.71802EPSS
Exploits4
securityvulns
securityvulns
added 2010/07/11 12:0 a.m.41 views

Re: RunCMS XSS Vulnerability via User Agent

Html tags were removed from the advisory during the submission process. Hopefully the following advisory will correct this. Title: RunCMS XSS Vulnerability via User Agent Vendor: RunCMS Product: RunCMS Tested Version: 2.1 Threat Class: XSS Severity: Medium Remote: yes Local: no Discovered By:...

6.2AI score
Exploits0
OpenVAS
OpenVAS
added 2010/07/09 12:0 a.m.8 views

Xlight FTP Server Multiple Directory Traversal Vulnerabilities

Xlight FTP Server is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user- supplied input. Exploiting these issues may allow an attacker to obtain sensitive information which could aid in further attacks. Xlight FTP Server 3.5.5 is vulnerable; other...

Exploits0References4
OpenVAS
OpenVAS
added 2010/07/06 12:0 a.m.31 views

Bugzilla 'time-tracking' Information Disclosure Vulnerability

Bugzilla is prone to an information-disclosure vulnerability. Exploits may allow attackers to obtain potentially sensitive information that may aid in other attacks. This issue affects the following: Bugzilla 2.17.1 through 3.2.6 Bugzilla 3.3.1 through 3.4.6 Bugzilla 3.5.1 through 3.6 Bugzilla 3....

5CVSS6.1AI score0.01521EPSS
Exploits1References3
securityvulns
securityvulns
added 2010/07/06 12:0 a.m.80 views

TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow

iSCSI target Multiple Implementations iSNS Stack Buffer Overflow TSL ID: FSC20100701-01 1. Affected Software iSCSI Enterprise Project iscsitarget 1.4.20.1 and prior SCST project iscsi-scst 1.0.1.1 and prior tgt project tgt 1.0.5 and prior References: http://iscsitarget.sourceforge.net/...

5CVSS0.2AI score0.05347EPSS
Exploits0
exploitpack
exploitpack
added 2010/06/24 12:0 a.m.24 views

ActiveCollab 2.3.0 - Local File Inclusion Directory Traversal

ActiveCollab 2.3.0 - Local File Inclusion Directory Traversal ============================================================ PAINSEC SECURITY RESEARCH GROUP SECURITY ADVISORY 2010-001 - Original release date: June 24th, 2010 - Discovered by: Jose Carlos de Arriba dade at painsec dot com - Severity:...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2010/06/08 12:0 a.m.56 views

VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability &#40;CVE-2010-1392&#41;

VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability CVE-2010-1392 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Safari is a web browser developed by Apple. As of February 2010, Safari was the fourth most widely used browser, with...

9.3CVSS8.9AI score0.06691EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2010/06/07 3:37 p.m.5 views

perl: Safe restriction bypass when reference to subroutine in compartment is called from outside

The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...

8.5CVSS6AI score0.02797EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2010/06/07 3:22 p.m.14 views

perl: Safe restriction bypass when reference to subroutine in compartment is called from outside

The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...

8.5CVSS6AI score0.02797EPSS
Exploits2References4
exploitpack
exploitpack
added 2010/05/20 12:0 a.m.10 views

webYourPhotos 6.05 - index.php Remote File Inclusion

webYourPhotos 6.05 - index.php Remote File Inclusion ----------------------oOO------OOo----------------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Sn!pEr.S!Te // 2o1o |...

7.5AI score
Exploits0
Rows per page
Query Builder